July 18, 2013
Attacks can come from anywhere by anyone at any time and for any reason. Just ask Relead.com, which, according to a piece on securityweek.com, tracks “exactly who is visiting your Website, and how valuable or interested they are in your business…. From the way the program is explained on the company’s domain, the entire process starts by locating the owner of a given IP address. Usually, this resolves down to the company level and not to a personal level.”
You might say Anonymous took umbrage at Relead.com’s business model, characterizing what the company does as “scumbag business practices.” However, Anonymous’s critique did not end with name-calling. The hacker group claims to have leaked Relead.com’s customer database.
A statement from Anonymous further explained its actions this way, “While Relead is happy to help their customers harass visitors who have not created an account on whatever site they are helping monitor, have not voluntarily provided any information to the site in question for marketing purposes or in fact given any permission to have their privacy invaded so crassly, they are oddly reticent about who their customers are…. Who is paying Relead to help them snoop on their unsuspecting Website visitors? Who is willing to provide cash to a company that is essentially taking the NSA surveillance program as a business model? We wondered the same thing, so we decided to find out.”
Anonymous went on to say that it was duck soup obtaining Relead.com’s customer base because it was easily accessible and didn’t require authentication.
While Anonymous and not securityweek.com was responsible for leaking the information, securityweek.com did disclose some interesting bits of information from the hack. “The customer list is composed of names and email addresses, including one Website known for stealing security-based news and claiming it as their own. Another standout address was F-Secure’s Mikko Hypponen, who said he used the service to see how much they could tell about a typical website’s anonymous user – in his words Relead.com ‘saw almost nothing.’” And, at least one Relead.com customer agreed with Hypponen’s assessment that “there (wasn’t) anything Relead.com (was) offering that IP logs (didn’t) show.”
However, Anonymous didn’t hack Relead.com for not providing customers value for their money or for violating people’s privacy. Anonymous hacked the company because it perceived the company was doing something it did not like.
And, if a perceived wrong is enough to cause a company to be hacked, imagine the magnitude of threats posed by greedy cybercriminals and unscrupulous hostile governments.
Smart Business (sbnonline.com) discussed the dangers faced by businesses with Pervez Delawalla, President and CEO, Net2EZ, which provides managed network services.
Delawalla noted the lack of attention devoted to issues of security, “Business owners will lock their cars and protect their homes in sophisticated ways but won’t protect the most critical area, which is where their data sits. Because it’s not happening in front of us, but in the cyberworld, many tend to not pay attention.”
According to an sbnonline.com piece, the greatest threat to data comes from “foreign governments trying to penetrate our systems for intelligence from which economic value can be gained. A great deal of proprietary information, such as designs and ideas for new products, is being stored on company servers.”
The conventional wisdom had it that a hacker looking to make a reputation would take down a website by bombarding it with bogus traffic. Now, though, in a case not too dissimilar to the Anonymous hacking of Relead.com, hackers prefer to steal data rather than shut down their target’s site.
Says sbnonline.com, “In extreme cases, a data breach could trigger the complete downfall of a company. Depending on the nature of the attack, a breach could cause customers to lose trust in the company and its brands… In other instances, valuable intellectual property could be lost and the associated R&D investment would be hard to recoup.”
Cyberthreats can come from almost anywhere including inside the company from a corrupt employee or as the result of an employee falling for a phishing email scam and divulging passwords or other data. Or the threat can be external. An executive traveling overseas can unknowingly have malware loaded on his/her smartphone. Back home, when the executive connects to the company network, the malware sneaks right in.
A way to ensure this doesn’t happen is to have company representatives traveling overseas use conventional cellphones. However, if an executive insists on taking a smartphone, the data should be backed up before leaving, and when he/she returns, the phone should be wiped before reconnecting to the network.
The article notes the best strategy for protecting a network is establishing “layers of protection. For example, set criteria for employees to access certain company information on its servers. Similarly, companies should employ hardware in layers in order to protect critical data.”
It also notes that companies should have intrusion protection systems for detecting when, who, where and how a network has been penetrated and firewalls to block unwanted traffic. These systems should be audited periodically to ensure their effectiveness. “Too often companies set up these systems and forget about them until something bad happens.”
If a company is large enough, it should add a chief security officer to work alongside its chief technology officer. But, if an organization can’t maintain both positions, it should opt for hiring a company that provides cybersecurity on an ongoing basis.
Posted by Dan Rampe